Back to bug 2211322

Who	When	What	Removed	Added
Avinash Hanwate	2023-05-31 06:02:16 UTC	CC		security-response-team
Avinash Hanwate	2023-05-31 07:52:45 UTC	Deadline	2023-06-14	2023-06-15
Avinash Hanwate	2023-05-31 09:23:59 UTC	Group		team ocp_embargoes
Avinash Hanwate	2023-06-15 05:36:34 UTC	Summary	EMBARGOED CVE-2023-2727 kube-apiserver: Bypassing policies imposed by the ImagePolicyWebhook admission plugin	CVE-2023-2727 kube-apiserver: Bypassing policies imposed by the ImagePolicyWebhook admission plugin
		CC		dfreiber, jburrell, rogbas, vkumar
		Deadline	2023-06-15
		Fixed In Version		kube-apiserver 1.27.3, kube-apiserver 1.26.6, kube-apiserver 1.25.11, kube-apiserver 1.24.15
		Group	qe_staff, team ocp_embargoes, security
Avinash Hanwate	2023-06-15 05:43:45 UTC	Depends On		2215200, 2215202
Avinash Hanwate	2023-06-15 07:43:25 UTC	Doc Text		A security issue was discovered in Kubernetes where users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
RaTasha Tillery-Smith	2023-06-15 12:42:21 UTC	Doc Text	A security issue was discovered in Kubernetes where users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.	A flaw was found in Kubernetes, where users may be able to launch containers using images restricted by the ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
Red Hat Bugzilla	2023-07-07 08:33:22 UTC	CC	security-response-team
		Assignee	security-response-team	nobody
Doug Hellmann	2023-07-25 20:21:49 UTC	CC		dhellmann

Back to bug 2211322